aboutsummaryrefslogtreecommitdiff
path: root/manifests/subsystems
diff options
context:
space:
mode:
authordrebs <drebs@riseup.net>2012-01-11 03:45:43 -0200
committerdrebs <drebs@riseup.net>2012-01-11 03:45:43 -0200
commit9cc3e685f4cda15141738da03cf2601a2d00fe58 (patch)
treee13a1a21b098a0257d8db76b010189ee57f236d9 /manifests/subsystems
parent9605a0654c20210afddd936a1be4500139aaeb4a (diff)
downloadpuppet-nodo-9cc3e685f4cda15141738da03cf2601a2d00fe58.tar.gz
puppet-nodo-9cc3e685f4cda15141738da03cf2601a2d00fe58.tar.bz2
adding port 9030 for tor
Diffstat (limited to 'manifests/subsystems')
-rw-r--r--manifests/subsystems/firewall/vserver.pp24
1 files changed, 22 insertions, 2 deletions
diff --git a/manifests/subsystems/firewall/vserver.pp b/manifests/subsystems/firewall/vserver.pp
index 623e6f1..e489a68 100644
--- a/manifests/subsystems/firewall/vserver.pp
+++ b/manifests/subsystems/firewall/vserver.pp
@@ -333,7 +333,7 @@ class firewall::vserver::dns($destination, $zone = 'vm') {
}
class firewall::vserver::tor($destination, $zone = 'fw') {
- shorewall::rule { 'tor-1':
+ shorewall::rule { 'tor-0':
action => 'DNAT',
source => 'net',
destination => "$zone:$destination:9001",
@@ -343,7 +343,7 @@ class firewall::vserver::tor($destination, $zone = 'fw') {
order => '2100',
}
- shorewall::rule { 'tor-2':
+ shorewall::rule { 'tor-1':
action => 'DNAT',
source => '$FW',
destination => "$zone:$destination:9001",
@@ -352,5 +352,25 @@ class firewall::vserver::tor($destination, $zone = 'fw') {
originaldest => "$ipaddress",
ratelimit => '-',
order => '2101',
+
+ shorewall::rule { 'tor-2':
+ action => 'DNAT',
+ source => 'net',
+ destination => "$zone:$destination:9030",
+ proto => 'tcp',
+ destinationport => '9030',
+ ratelimit => '-',
+ order => '2102',
+ }
+
+ shorewall::rule { 'tor-3':
+ action => 'DNAT',
+ source => '$FW',
+ destination => "$zone:$destination:9030",
+ proto => 'tcp',
+ destinationport => '9030',
+ originaldest => "$ipaddress",
+ ratelimit => '-',
+ order => '2103',
}
}